Class DenyMetadataQueryManager
java.lang.Object
org.kawanfw.sql.api.server.firewall.DenyMetadataQueryManager
- All Implemented Interfaces:
SqlFirewallManager
public class DenyMetadataQueryManager extends Object implements SqlFirewallManager
Firewall manager that denies the use of the AceQL Metadata Query API.
- Since:
- 4.0
- Author:
- Nicolas de Pomereu
-
Constructor Summary
Constructors Constructor Description DenyMetadataQueryManager()
-
Method Summary
Modifier and Type Method Description boolean
allowMetadataQuery(String username, String database, Connection connection)
Says if the username is allowed call the Metadata Query API for the passed database.boolean
allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)
Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.boolean
allowStatementClass(String username, String database, Connection connection)
Allows to define if the passed username is allowed to create and use aStatement
instance that is not aPreparedStatement
.
-
Constructor Details
-
DenyMetadataQueryManager
public DenyMetadataQueryManager()
-
-
Method Details
-
allowSqlRunAfterAnalysis
public boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManager
Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.- Specified by:
allowSqlRunAfterAnalysis
in interfaceSqlFirewallManager
- Parameters:
sqlEvent
- the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)connection
- The current SQL/JDBCConnection
- Returns:
true
. No analysis is done so all SQL statements are authorized.- Throws:
IOException
- if an IOException occursSQLException
- if a SQLException occurs
-
allowMetadataQuery
public boolean allowMetadataQuery(String username, String database, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManager
Says if the username is allowed call the Metadata Query API for the passed database.- Specified by:
allowMetadataQuery
in interfaceSqlFirewallManager
- Parameters:
username
- the client username to check the rule fordatabase
- the database name as defined in the JDBC URL fieldconnection
- The current SQL/JDBCConnection
- Returns:
false
. (Client programs will never allowed to call the Metadata Query API).- Throws:
IOException
- if an IOException occursSQLException
- if a SQLException occurs
-
allowStatementClass
public boolean allowStatementClass(String username, String database, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManager
Allows to define if the passed username is allowed to create and use aStatement
instance that is not aPreparedStatement
.- Specified by:
allowStatementClass
in interfaceSqlFirewallManager
- Parameters:
username
- the client username to check the rule fordatabase
- the database name as defined in the JDBC URL fieldconnection
- The current SQL/JDBCConnection
- Returns:
true
. (Client programs will be allowed to create rawStatement
, i.e. call statements without parameters.)- Throws:
IOException
- if an IOException occursSQLException
- if a SQLException occurs
-